svelte-template-directives
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference guide for Svelte 5 features, such as the new @attach directive and snippets. All code examples use standard web development practices.
- [REMOTE_CODE_EXECUTION]: No remote code execution or suspicious shell commands were found. The skill only includes static code snippets for educational purposes.
- [DATA_EXFILTRATION]: No network operations or attempts to access sensitive files (e.g., .env, .ssh) were detected.
- [PROMPT_INJECTION]: The content is purely instructional and does not contain any instructions attempting to override the agent's behavior or safety guidelines.
- [EXTERNAL_DOWNLOADS]: Mentions of external packages like 'tippy.js' and 'dompurify' are standard library references for Svelte development and do not involve untrusted download sources.
- [DYNAMIC_EXECUTION]: While the skill explains the {@html} directive which renders raw HTML, it explicitly includes a security warning section advising users to never render untrusted content and to use DOMPurify for sanitization.
Audit Metadata